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ABSTRACT 



A method and device for securing a removable Attached 
Computer Module ("ACM'') 10. ACM 10 inserts into a 
Computer Module Bay ("CMB") 40 within a peripheral 
console to form a functional computer such as a desktop 
computer or portable computer. The present ACM 10 
includes a locking system, which includes hardware and 
software 600, 700, to prevent accidental removal or theft of 
the ACM from the peripheral console. While ACM is in 
transit, further security is necessary against illegal or unau- 
thorized use. If ACM contains confidential data, a high 
security method is needed to safeguard against theft. 

23 Claims, 7 Drawing Sheets 
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PASSWORD PROTECTED MODULAR such as smaller keyboards and the like. Furthermore, these 

COMPUTER METHOD AND DEVICE devices have limited common platforms to transfer infor- 
mation to and from these devices and other devices such as 

CROSS REFERENCE TO RELATED PCs. 

APPLICATIONS s Up to now, there has been little common ground between 

these platforms including the PCs and laptops in terms of 

The following two commonly-owned copending upgrading, casc-of-use, cost, performance, and the like, 

applications, including this one, are being filed concurrently Many differences between these platforms, probably some- 

and the other one is hereby incorporated by reference in their what intentional, has benefited computer manufacturers at 

entirety for all purposes: the cost of consumers. A drawback to having two separate 

1. U.S. patent application Scr. No. 097183,816, William computers is that the user must often purchase both the 
W. Y. Chu, enliUed, "Modular Computer Security Method desktop and laptop to have "total" computing power, where 
and Device" and me desktop serves as a "regular" computer and the laptop 

2. U.S. patent application Ser. No. 09/183,493, William both computers 
1IIV/X j a n j« 4 . jw j i A . is otten costly and runs thousands of dollars. The user also 
W.YChu, entitled, "Password Protected Modular Computer 15 wasles a significanl of lime transferring software 

Method and Device . and data fasten the two types of computers. For example, 

DApyrDnnxm -mr uvn/rvrrrrkM lne user must oflen couple the portable computer to a local 

BACKGROUND OF THE INVENTION afca nctwork ^ ^ tQ fl ^ pQrl ^ & modcm and 

The present invention relates to computing devices. More men manually transfer over files and data between the 

particularly, the present invention provides a method and 20 desktop and the portable computer. Alternatively, the user 

device for securing a personal computer or set-top box using oftcn must use fio PPy ^sks t0 "^P" U P fi!cs ™ d programs 

password protection techniques. Merely by way of example, J* 1 exce f d the storage capacity of conventional floppy 

the present invention is applied to a modular computing ^ and transfcr mc flo PPy dlsk data manually. 

environment for desk top computers, but it will be recog- Another drawback with the current model of separate 

nized that the invention has a much wider range of appli- 25 P orlable ™ d dcskt0 P computer is that the user has to spend 

cability. It can be applied to a server as well as other portable mon # e y 10 ^ «mp««* and peripherals the are duplicated 

or modular computing applications. m * least ° DC con |P ut " s - . Fo ' CXa ? p > k bo * ^ 

F B ™ desktop and portable computers typically include hard disk 

Many desktop or personal computers, which are com- drives, floppy drives, CD-ROMs, computer memory, host 

monly termed PCs, have been around and used for over ten 30 processors, graphics accelerators, and the like. Because 

years. The PCs often come with state-of-art microprocessors program software and supporting programs generally must 

such as the Intel Pentium™ microprocessor chips. They also be installed upon both hard drives in order for the user to 

include a hard or fixed disk drive such as memory in the operate programs on the road and in the office, hard disk 

giga-bit range. Additionally, the PCs often include a random space is often wasted. 

access memory integrated circuit device such as a dynamic 35 One approach to reduce some of these drawbacks has 

random access memory device, which is commonly termed been the use of a docking station with a portable computer. 

DRAM. The DRAM devices now provide up to millions of Here, the user has the portable computer for "on the road" 

memory cells (i.e., mega-bit) on a single slice of silicon. PCs use and a docking station that houses the portable computer 

also include a high resolution display such as cathode ray for office use. The docking station typically includes a 

tubes or CRTs. In most cases, the CRTs are at least 15 inches separate monitor, keyboard, mouse, and the like and is 

or 17 inches or 20 inches in diameter. High resolution flat generally incompatible with other desktop PCs. The docking 

panel displays are also used with PCs. station * ^ g enerall y not compatible with portable com- 

w , . i | j . * puters of other vendors. Another drawback to this approach 

Many external or peripheral devices can be used with the £ ^ ^ We tcr t icall has lowcr ^ crfor . 

PCs. Among others these peripheral devices mclude mass mance and fonctionality ^ a conventional desktop PC. 

storage devices such b .a Zip ™ Drive product sold by 45 For example, the processor of the portable is typically much 

Iomega Corporation of Utah. Other storage devices mclude slower thaQ 

processors in dedicated desktop computers, 

external hard drives, tape drives, and others. Additional becausc of consumption and heat dissii )ation con* 

devices include comroumcauon devices such as a modem cerns ^ m e , jt Ls noled ma , >t , he ^ of dtaftj 

which can be used to link the PC to a wide area network of of , he , applicatioilj some top-of^e-line desktops 

computers such as the Internet. Furthermore, the PC can 50 mchlde m MHz processors whereas t 0 p. 0 f., h e.line note- 

mclude output devices such as a printer and other output book com ers mdude 26fi MHz rocessors 

means. Moreover, the PC can include special audio output Another drawback ^ d ^ ^ fa 

devices such as speakers the like. . . . , c . * 

r the typical cost of portable computers with docking stations 

PCs also have easy to use keyboards, mouse input can approach lhc M of having a ^ ^ portable ^m- 

devices, and the like. The keyboard is generally configured 55 put er and a separate desktop computer. Further, as noted 
similar to a typewriter format. The keyboard also has the above> because mcTenl vendors of portable co mpiJlers have 
length and width for easily inputting information by way of propr i e tary docking stations, computer users are held cap- 
keys to the computer. The mouse also has a sufficient size ave by ±tir inveslments and must rely upon me particular 
and shape to easily move a curser on the display from one compute r vendor for future upgrades, support, and the like, 
location to another location. 60 nus what k needed are computer systems that provide 
Other types of computing devices include portable com- reduccd ^ investment in redundant computer components 
puting devices such as "laptop" computers and the like. pr0 vide a variable level of performance based upon 
Although somewhat successful, laptop computers have computer configuration, 
many limitations. These computing devices have poor dis- 
play technology. In fact, these devices often have a smaller 65 SUMMARY OF THE INVENTION 
flat panel display that has poor viewing characteristics. According to the present invention, a technique including 
Additionally, these devices also have poor input devices a method and device for securing a computer module using 
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a password in a computer system is provided. In an exem- FIG. 2 is a simplified diagram of a computer module 

plary embodiment, the present invention provides a security according to an embodiment of the present invention; 

system for an attached computer module ("ACM"). In an piG. 3 is a simplified side-view diagram of a computer 

embodiment, the ACM inserts into a Computer Module Bay module according l0 an embodiment of the present inven- 

(CMB) within a peripheral console to form a functional s ^on; 

computer. Pjq ^ ^ a 5^1^^ layout diagram of a security system 

In a specific embodiment, the present invention provides for a syslem according to ^ embodiment of the 

a computer module. The computer module has an enclosure present invention* 

that is msenable into a console. The module also has a RG 5 a ^ ^ of & s 

central proc^ng un« (,.e mtegrated email, chip) in the ,o for according to an embodiment of the 

enclosure. The module has a hard disk dnve in the enclosure, resent invention* and 

where the hard disk drive is coupled to the central processing P , , e 

unit. The module further has a programmable memory ™ S * 6 «*7 show simplified flow diagrams of security 

device in the enclosure, where the programmable memory mcthods accordm S to embodiments of the present invention, 

device can be configurable to store a password for prevent- 15 DESCRIPTION OF SPECIFIC EMBODIMENTS 

ing a possibility of unauthorized use of the hard disk drive I. System Hardware 

and/or other module elements. The stored password can be FIG. 1 is a simplified diagram of a computer system 1 

any suitable key strokes that a user can change from time to according to an embodiment of the present invention. This 

time. In a further embodiment, the present invention pro- diagram is merely an illustration and should not limit the 

vides a permanent password or user identification code 20 scope of the claims herein. One of ordinary skill in the art 

stored in flash memory, which also can be in the processing would recognize other variations, modifications, and alter- 

unit, or other integrated circuit element. The permanent natives. The computer system 1 includes an attached com- 

password or user identification code is designed to provide puter module (i.e., ACM) 10, a desktop console 20, among 

a permanent "finger print" on the attached computer module. other elements. The computer system is modular and has a 

In a specific embodiment, the present invention provides 25 variety of components that are removable. Some of these 

a variety of methods. In one embodiment, the present components (or modules) can be used in different 

invention provides a method for operating a computer computers, workstations, computerized television sets, and 

system such as a modular computer system and others. The portable or laptop units. 

method includes inserting an attached computer module In the present embodiment, ACM 10 includes computer 

("ACM") into a bay of a modular computer system. The 30 components, as will be described below, including a central 

ACM has a microprocessor unit (e.g., microcontroller, processing unit ("CPU"), IDE controller, hard disk drive, 

microprocessor) coupled to a mass memory storage device computer memory, and the like. The computer module bay 

(e.g., hard disk). The method also includes applying power (i.e., CMB) 40 is an opening or slot in the desktop console, 

to the computer system and the ACM to execute a security The CMB houses the ACM and provides communication to 

program, which is stored in the mass memory storage 35 and from the ACM. The CMB also provides mechanical 

device. The method also includes prompting for a user protection and support to ACM 10. The CMB has a mechani- 

password from a user on a display (e.g., flat panel, CRT). In cal alignment mechanism for mating a portion of the ACM 

a further embodiment, the present method includes a step of to the console. The CMB further has thermal heat dissipation 

reading a permanent password or user identification code sinks, electrical connection mechanisms, and the like. Some 

stored in flash memory, or other integrated circuit element. 40 details of the ACM can be found in co -pending patent 

The permanent password or user identification code pro- application Nos. 09/149,882 and 09/149,548 filed Sep. 8, 

vides a permanent finger print on the attached computer 1998, commonly assigned, and hereby incorporated by 

module. The present invention includes a variety of these reference for all purposes. 

methods that can be implemented in computer codes, for In a preferred embodiment, the present syslem has a 

example, as well as hardware. <5 security system, which includes a mechanical locking 

Numerous benefits are achieved using the present inven- system, an electrical locking system, and others. The 
lion over previously existing techniques. The present inven- mechanical locking system includes at least a key 11. The 
tion provides mechanical and electrical security systems to key 11 mates with key hole 13 in a lock, which provides a 
prevent theft or unauthorized use of the computer system in mechanical latch 15 in a closed position. The mechanical 
a specific embodiment. Additionally, the present invention 50 l atcn > m me closed position, mates and interlocks the ACM 
substantially prevents accidental removal of the ACM from to the computer module bay. The mechanical latch, which 
the console. In some embodiments, the present invention also has an open position, allows the ACM to be removed 
prevents illegal or unauthorized use during transit. The from the computer module bay. Further details of the 
present invention is also implemented using conventional mechanical locking system are shown in the Fig. below, 
technologies that can be provided in the present computer 55 FIG. 2 is a simplified diagram of a computer module 10 
system in an easy and efficient manner. Depending upon the according to an embodiment of the present invention. This 
embodiment, one or more of these benefits can be available. diagram is merely an illustration and should not limit the 
These and other advantages or benefits are described scope of the claims herein. One of ordinary skill in the art 
throughout the present specification and are described more would recognize other variations, modifications, and alter- 
particularly below. 60 natives. Some of the reference numerals are similar to the 

These and other embodiments of the present invention, as previous Fig. for easy reading. The computer module 10 

well as its advantages and features, are described in more includes key 11, which is insertable into keyhole 13 of the 

detail in conjunction with the text below and attached FIGS. lock * ^ lock Das at least *»o position, including a latched 

or closed position and an unlatched or open position. The 

BRIEF DESCRIPTION OF THE DRAWINGS 65 latched position foe ACM to the computer module 

FIG. 1 is a simplified diagram of a computer system bay. The unlatched or open position allows the ACM to be 

according to an embodiment of the present invention; inserted into or removed from the computer bay module. As 
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shown, the ACM also has a slot or opening 14, which allows dashed lines. The layout diagram has a first portion, which 

the latch to move into and out of the ACM. The ACM also includes a central processing unit ("CPU") module 400, and 

has openings 17 in the backside for an electrical and/or a second portion, which includes a hard drive module 420. 

mechanical connection to the computer module bay, which A common printed circuit board 437 houses these modules 

is connected to the console. 5 and the like. Among other features, the ACM includes the 

FIG. 3 is a simplified side-view diagram of a computer central processing unit module 400 with a cache memory 

module according to an embodiment of the present inven- 405, which is coupled to a north bridge unit 421, and a host 

tion. This diagram is merely an illustration and should not interface controller 401. The host interface controller 

limit the scope of the claims herein. One of ordinary skill in includes a lock control 403. As shown, the CPU module is 

the art would recognize other variations, modifications, and 10 disposed on a first portion of the attached computer module, 

alternatives. Some of the reference numerals are similar to and couples to connectors 17. Here, the CPU module is 

the previous FIG. for easy reading. As shown, the ACM spatially located near connector 17. 

module inserts into the computer module bay frame 19, The CPU module can use a suitable microprocessing unit, 

which is in the console. A side 27 and a bottom 19 of ACM microcontroller, digital signal processor, and the like. In a 

slide and fit firmly into the computer module bay frame, 15 specific embodiment, the CPU module uses, for example, a 

which has at least a bottom portion 19 and back portion 26. 400 MHz Pentium II microprocessor module from Intel 

A backside 23 of the ACM faces backside 26 of the frame. Corporation and like microprocessors from AMD 

ACM also has a front-side or face 25 that houses the lock Corporation, Cyrix Corporation (now National Semiconduc- 

and exposes the keyhole 13 to a user. The key 11 is insertable tor Corporation), and others. In other aspects, the micropro- 

from the face into the keyhole. 20 cessor can be one such as the Compaq Computer Corpora - 

As the ACM inserts into the frame, connector 17 couples uon Alpha Chip, Apple Computer Corporation PowerPC G3 

and inserts into connector 21. Connector 17 electrically and processor, and the like. Further, higher speed processors are 

mechanically interface elements of the ACM to the console contemplated in other embodiments as technology increases 

through connector 21. Latch 14 should be moved away from in the future. 

the bottom side 19 of the module bay frame before inserting 25 In the CPU module, host interface controller 401 is 

the ACM into the frame. Once the ACM is inserted fully into coupled to BIOS/flash memory 405. Additionally, the host 

the frame, latch 15 is placed in a closed or lock position, interface controller is coupled to a clock control logic, a 

where it keeps the ACM firmly in place. That is, latch 15 configuration signal, and a peripheral bus. The present 

biases against a backside portion 29 of the ACM enclosure invention has a host interface controller that has lock control 

to hold the ACM in place, where the connector 17 firmly 30 403 to provide security features to the present ACM. 

engages, electrically and mechanically, with connector 21. Furthermore, the present invention uses a flash memory that 

To remove the ACM, latch 15 is moved away or opened includes codes to provide password protection or other 

from the back side portion of the ACM enclosure. ACM is electronic security methods. 

manually pulled out of the computer module bay frame, The second portion of the attached computer module has 

where connector 17 disengages with connector 21. As 35 the hard drive module 420. Among other elements, the hard 

shown, the key 11 is used to selectively move the latch in the drive module includes north bridge 421, graphics accelerator 

open or locked position to secure the ACM into the frame 423, graphics memory 425, a power controller 427, an IDE 

module. controller 429, and other components. Adjacent to and in 

In most embodiments, the ACM includes an enclosure parallel alignment with the hard drive module is a personal 

such as the one described with the following components, 40 computer interface ("PCI") bus 431, 432. A power regulator 

which should not be limiting: 435 is disposed near the PCI bus. 

1) A CPU with cache memory; In a specific embodiment, north bridge unit 421 often 

2) Core logic device or means; couples to a computer memory, to the graphics accelerator 

3) Main memory 423, 10 lhe IDE controller, and to the host interface controller 
1 A . t . „ , ^. , ^ . /«„^^„v , . 45 via the PCI bus. Graphics accelerator 423 typically couples 

4) A single primary Hard Disk Dnve ("HDD ) that has a lQ a graphics memory ^ md Qlher , D£ ^ 

security program, trollcr 429 gcncra u y supports and provides timing signals 

5) Flash memory with system BIOS and programmable nec essary for the IDE bus. In the present embodiment, the 
user password; IDE controller is embodied as a 643U2 PCI-to IDE chip 

6) Operating System, application software, data files on 50 from CMD Technology, for example. Other types of buses 
primary HDD; than itje are contemplated, for example EIDE, SCSI, 1394, 

7) An interface device and connectors to peripheral con- and the like in alternative embodiments of the present 
sole; invention. 

8) A software controllable mechanical lock, lock control The bard drive module or mass storage unit 420 typically 
means, and other accessories. 55 includes a computer operating system, application software 

The ACM connects to a peripheral console with power program files, data files, and the like. In a specific 

supply, a display device, an input device, and other elements. embodiment, the computer operating system may be the 

Some details of these elements with the present security Windows98 operating system from Microsoft Corporation 

system are described in more detail below. of Redmond Wash. Other operating systems, such as 

FIG. 4 is a simplified layout diagram of a security system 60 WindowsNT, MacOS8, Unix, and the like arc also contem- 

for a computer system according to an embodiment of the plated in alternative embodiments of the present invention, 

present invention. This diagram is merely an illustration and Further, some typical application software programs can 

should not limit the scope of the claims herein. One of include Office98 by Microsoft Corporation, Corel Perfect 

ordinary skill in the art would recognize other variations, Suite by Corel, and others. Hard disk module 420 includes 

modifications, and alternatives. The layout diagram illus- 65 a hard disk drive. The hard disk drive, however, can also be 

trates the top-view of the module 10, where the backside replaced by removable hard disk drives, read/write CD 

components (e.g., Host Interface Controller) are depicted in ROMs, flash memory, floppy disk drives, and the like. A 
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small form factor, for example 2.5", is currently The attached computer module also has a flash memory 

contemplated, however, other form factors, such as PC card, device 505 with a BIOS. The flash memory device 505 also 

and the like are also contemplated. Mass storage unit 240 has codes for a user password that can be stored in the 

may also support other interfaces than IDE. Among other device. The flash memory device generally permits the 

features, the computer system includes an ACM with secu- 5 storage of such password without a substantial use of power, 

rity protection. The ACM connects to the console, which has cvcn whcn disconnected. As merely an example, the flash 

at least the following elements, which should not be limit- me mory device has at least 4 Meg. or greater of memory, or 

m S- 16 Meg. or greater of memory. A host interface controller 

1) Connection to input devices, e.g. keyboard or mouse; 507 communications to the north bridge via bus 535 and host 

2) Connection to display devices, e.g. Monitor; 10 P cj bus. The host interface controller also has a lock control 

3) Add-on means, e.g. PCI add-on slots; 509, which couples to a lock. The lock is attached to the 

4) Removable storage media subsystem, e.g. Floppy module and has a manual override to the lock on the host 
drive, CDROM drive; interface controller in some embodiments. Host interface 

5) Communication device, e.g. LAN or modem; controller 507 communicates to the console using bus 511, 

6) An interface device and connectors to ACM; 15 which couples to connection 513. 

7) A computer module bay with a notch in the frame for In one aspect of the present invention the security system 
ACM's lock; and uses a combination of electrical and mechanical locking 

8) Power supply and other accessories. mechanisms. Referring to FIG. 5 A, for example, the present 
As noted, the computer module bay is an opening in a system provides a lock status mechanism in the host inter- 
peripheral console that receives the ACM. The computer 20 face controller 509. The lock status of the lock is determined 
module bay provides mechanical support and protection to by checking a lock status bit 549, which is in the host 
ACM. The module bay also includes, among other elements, interface controller. The lock status bit is determined by a 
a variety of thermal components for heat dissipation, a frame signal 553, which is dependent upon the position of the lock, 
that provides connector alignment, and a lock engagement, Here, the position of the lock is closed in the ground 559 
which secures the ACM to the console. The bay also has a 25 position, where the latch couples to a ground plane in the 
printed circuit board to mount and mate the connector from module and/or system. Alternatively, the signal of the lock 
the ACM to the console. The connector provides an interface is at Vcc, for example, which is open. Alternatively, the 
between the ACM and other accessories. signal can be ground in the open position and Vcc in the 

FIG. 5 is a simplified block diagram 500 of a security closed position, depending upon the application. Other sig- 

system for a computer module according to an embodiment 30 nal schemes can also be used depending upon the applica- 

of the present invention. This diagram is merely an illustra- lion. 

tion and should not limit the scope of the claims herein. One Once the status is determined, the host interface controller 

of ordinary skill in the art would recognize other variations, turns the lock via solenoid 557 in a lock on or lock off 

modifications, and alternatives. The block diagram 500 has position, which is provided through the control bit 551, for 

a variety of features such as those noted above, as well as 35 example. The control bit is in a register of the host interface 

others. In the present diagram, different reference numerals controller in the present example. By way of the signal 

are used to show the operation of the present system. schemes noted and the control bit, it is possible to place the 

The block diagram is an attached computer module 500. lock in the lock or unlock position in an electronic manner. 

The module 500 has a central processing unit, which com- Once the status of the lock is determined, the host interface 

municates to a north bridge 541, by way of a CPU bus 527. *o controller can either lock or unlock the latch on the module 

The north bridge couples to main memory 523 via memory using a variety of prompts, for example, 

bus 529. The main memory can be any suitable high speed In a preferred embodiment, the present invention uses a 

memory device or devices such as dynamic random access password protection scheme to electronically prevent unau- 

memory ("DRAM") integrated circuits and others. The thorized access to the computer module. The present pass- 

DRAM includes at least 32 Meg. or 64 Meg. and greater of 45 word protection scheme uses a combination of software, 

memory, but can also be less depending upon the applica- which is a portion of the security program, and a user 

tion. Alternatively, the main memory can be coupled directly password, which can be stored in the flash memory device 

with the CPU in some embodiments. The north bridge also 505. By way of the flash memory device, the password does 

couples to a graphics subsystem 515 via bus 542. The not become erased by way of power failure or the lock. The 

graphics subsystem can include a graphics accelerator, 50 password is substantially fixed in code, which cannot be 

graphics memory, and other devices. Graphics subsystem easily erased. Should the user desire to change the password, 

transmits a video signal to an interface connector, which it can readily be changed by erasing the code, which is stored 

couples to a display, for example. in flash memory and a new code (i.e., password) is written 

The attached computer module also includes a primary into the flash memory. An example of a flash memory device 

hard disk drive that serves as a main memory unit for 55 can include a Intel Flash 28F800F3 series flash, which is 

programs and the like. The hard disk can be any suitable available in 8 Mbit and 16 Mbit designs. Other types of flash 

drive that has at least 2 GB and greater. As merely an devices can also be used, however. Details of a password 

example, the hard disk is a Marathon 2250 (2.25 GB, 2 V£ protection method are further explained below by way of the 

inch drive) product made by Seagate Corporation of Scotts FIGS. 

Valley, but can be others. The hard disk communicates to the 60 In a specific embodiment, the present invention also 

north bridge by way of a hard disk drive controller and bus includes a real-time clock 510 in the ACM, but is not 

lines 502 and 531. The hard disk drive controller couples to limited. The real-time clock can be implemented using a 

the north bridge by way of the host PCI bus, which connects reference oscillator 14.31818 MHz 508 that couples to a 

bus 537 to the north bridge. Hie hard disk includes computer real-time clock circuit The real-time clock circuit can be in 

codes that implement a security program according to the 65 the host interface controller. An energy source 506 such as 

present invention. Details of the security program are pro- a battery can be used to keep the real-lime clock circuit 

vided below. running even when the ACM has been removed from the 
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console. The real-lime clock can be used by a security the security detection program determines if the password 

program to perform a variety of functions. As merely an (or other security code) matches with the designated 

example, these functions include: (1) fixed time period in password, step 621. If not, the lock stays ON, step 623. 

which the ACM can be used, e.g., ACM cannot be used at Alternatively, the security program releases the lock 625, 

night; (2) programmed ACM to be used after certain date, 5 which frees the ACM. Next, the ACM can be removed, step 

c .g., high security procedure during owner's vacation or non '^7. 

use period; (3) other uses similar to a programmable time 111 m alternative embodiment, the present invention pro- 
lock. Further details of the present real-time clock arc vides , a £° r *c ACM, which is outside the 
described in the application listed under Ser. No. 09/183,816 c A ons ° le ot computer module bay. See, FIG. 7, for example, 
noted above 10 shown, the security system is implemented to prevent 

In still a further embodiment, the present invention also "legal or unauthorized use (step 701) of the ACM, which has 

includes a permanent password or user identification code to «* be , e „ n J ,D "j e console Here, a key turns ON a lock 

identify the computer module. In one embodiment, the < ste P ™ 3 )- ™ e lc * k m ° ves » Uu * m , tbe ACM to a 

permanentpasswordorusercodeisstoredinaflashmemory spatial locanon that physically blocks the passage of the 

device. Alternatively, the permanent password or user code is ACM mt0 «e computer module bay. Accordingly the ACM 

is stored in the central processing unit. The password or user cannot 1D f rl < ste P 705 > lnt0 L Ul f computer module bay. 

code can be placed in the device upon manufacture of such , ^ ™ ^ ,teraau * e , as P? ct ' ! ? V ° an be ,Bed l ° tm °. ,he 

device. Alternatively, the password or user code can be lo * °™> ste P 707 \ Here > ^y moves the latch in a 

placed in the device by a one time programming techniques sclcct ^ d s P atial loca ' lon allows the ACM to be inserted 

using, for example, fuses or the like. The present password 20 m *» ^ computer bay module. In the OFF position, the 

or user code provides a permanent "finger print" on the ACM i?f mt ° ^ computer module bay, step 709. Once 

device, which is generally hardware. The permanent finger * e ACM » in the * user can ^ °P era,m 8 the 

print can be used for identification purposes for allowing the mrOT 8 h . the , « ,nsol u e ' embodiment the computer 

user of the hardware to access the hardware itself, as weU as conso ! e mclud,n S A< T M ?° 6S , ? r0Ug ^ ,he SeqUenCe ° f 

other systems. These other systems include local and wide 2S st T 10 the above ™? but ,s 1 DOt lun,ted : . , 

area networks. Alternatively, the systems can also include In a s P eclfic embodlment ' ,h . e P resent invention imple- 

one or more servers. The present password and user iden- m ' nts ^ sequences above using computer software In 

tification can be quite important for electronic commerce oth « r a fP ecls ' computer hardware can also be used and is 

applications and the like. In one or more embodiments, the Preferably in some applications. The computer hardware can 

permanent password or user code can be combined with the 30 mcludf ; a mechanical lock, which is built into the ACM. An 

password on flash memory for the security program, which ° f su< * mechanical lock is shown above, but can 

is described below in more detail. ako "* others - ,D other as P ccts ' ,he lock «■ be controlled or 

II SECURITY DETECTION PROGRAMS accessed electronically by way of computer software. Here, 

FIGS. 6 and 7 show simplified flow diagrams 600, 700 of ^ ke y can <* «*ed to as a manual override if the ACM or 

security methods according to embodiments of the present 35 com P uter Ms. 

invention. These diagrams are merely illustrations and . ™ c J«* : * " sed t0 P rcvcnt mc ft and accidental removal 

should not limit the scope of the claims herein. One of mS1 ^ ™B. ™ e CUrrent mV 1 entl0D lock inside 

ordinary skill in the art would recognize other variations, A ™ to aUow 1 a ^ cr to keep a single key as ACM is 

modifications, and alternatives. Referring to FIG. 6, which m ^ e /. from conso1 ^ to t ^^sole at different locaUons When 

considers an example for when the ACM is inserted into the 40 ACM * in transit > ^ ] odc can j> e e °| a f f usm S *** ^J" 

computer module bay in the console, ACM has already been that ' h • \* c * extends ° u * lde A ™ s . closure. The 

inserted into the console and is firmly engaged in an elec- ** e * ded ! atch A ^ M ^ ^ J^T ml ° a ° y 

trical and mechanical manner. A computer system is pow- ™ B - This prevents any illegal use of ACM by someone 

ered up 601, which provides selected signals to the micro- oth , er than the user ' L . 

processor. The microprocessor oversees the operation of the 45 In one a ff cc JL° f the ™ 10n > * e ^ Pff^rd is 

computer system. The microprocessor searches the memory Programmable. The password can be programmable by way 

in, for example, the hard disk drive and execute a security °J * c secunty program The password can be stored m a 

program step 603 memory device within the ACM. Accordingly, the user 

The security program runs through a sequence of steps of me ACM a ° d thc would DCcd to havc the **** 

before allowing a user to operate the present system with the 50 P^word m order to access the ACM. In the present aspect, 

ACM. Among other processes, the security program deter- thc combination of a secunty program and user password 

mines if an "Auto-lock" is ON. If so, the security program ?JJ P r0Vlde lhe ^ a Wlde variet y of sccunt y functl0QS as 

goes via branch 606 to step 607. Alternatively, the security follows: 

program goes to step 609, which determines that the lock *) Auto-lock capability when ACM is inserted into CMB; 

stays OFF and loops to step 627, which indicates that the 55 2 ) Access privilege of program and data; 

ACM can be removed physically from the console. In step 3) Password matching for ACM removal; and 

607, the security program turns a switch or switching means 4) Automatic HDD lock out if tempering is detected, 

that turns ON a lock, which can be electrical, mechanical, or In still a further embodiment, the present invention also 

a combination of electrical and mechanical. includes a method for reading a permanent password or user 

In a specific embodiment, thc security program turns OFF 60 identification code to identify the computer module. In one 

the power of the ACM and console. Here, the security embodiment, the permanent password or user code is stored 

program directs the OS to rum the power OFF, step 613. In in a flash memory device. Alternatively, thc permanent 

an embodiment where power failure occurs (step 611), a key password or user code is stored in the central processing 

is used to release a latch in the ACM on the lock 615, where unit. The password or user code can be placed in the device 

the ACM can be removed, step 627. From step 613, the 65 upon manufacture of such device. Alternatively, the pass- 

securily program detennines if the ACM is to be removed, word or user code can be placed in the device by a one time 

step 617. If not, the lock slays ON, step 619. Alternatively, programming techniques using, for example, fuses or the 
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like. The present password or user code provides a perma- 7. The computer module of claim 1 further comprising a 

nent "finger print" on the device, which is generally hard- security program in a main memory. 

ware. The permanent finger print can be used for identifi- g m The computer module of claim 7 wherein said security 

cation purposes for allowing the user of the hardware to program comprises a code for storing a password on said 

access the hardware itself, as well bs other systems. THese 5 programmable memory device. 

other systems include local and wide area networks. moduk wherein ^ 

Alternatively, the systems can also include one or more r . • . ■ * 

servers. The present method allows a third party confirm the P ro S ram emprises a code for checking a time from said 

user by way of the permanent password or user code. The real-time clock circuit. 

present password and user identification can be quite impor- 10 10 - The computer module of claim 1 further comprising a 

tant for electronic commerce applications and the like, host interface controller coupled to a solenoid that drives a 

which verify the user code or password. In one or more mechanical lock in a first position to a second position, 

embodiments, the permanent password or user code can be 11. The computer module of claim 10 wherein said 

combined with the password on flash memory for the solenoid also drives said mechanical lock from said second 

security program. 15 position to said first position. 

The above embodiments are described generally in terms 12. The computer module of claim 1 further comprising a 

of hardware and software. It will be recognized, however, real-time clock circuit coupled to said central processing 

that the functionality of the hardware can be further com- um | 

bined or even separated. The functionality of the software 13 ^ computer module of claim 12 further comprising 

can also be further combined or even separated. Hardware 20 a batt led t0 a hosl mterface comro i ler that includes 

can be replaced, at times, with software. Software can be s ^ rea j tmnc 

replaced, at times with hardware. Accordingly, the present i4. A method for operating a computer system, said 

embodiments should not be construed as limiting the scope me thod com risin 

of the claims here. One of ordinary skill in the art would me 0 com P nsin 8- 

recognize other variations, modifications, and alternatives. 25 inserting an attached computer module ("ACM") into a 
While the above is a full description of the specific bay of a modular computer system, said ACM corn- 
embodiments, various modifications, alternative construe- prising a microprocessor unit coupled to a mass 
tions and equivalents may be used. Therefore, the above memory storage device; 

description and illustrations should not be taken as limiting applying power to said computer system and said ACM to 

the scope of the present invention which is defined by the 30 execute a security program, said security program 

appended claims. being stored in said mass memory storage device; and 

What is claimed is: c , c ,. . 

1. A computer module, said module comprising: P r e om P Un 8 f °' a f e , r P 35 ^ 0 ? * f * ™ * ^ * 

, . , ' ... . , . 15. The method of claim 14 wherein said ACM comprises 

an enclosure, said enclosure being insertable into a con- ^ M enclosure ^ bouses ^ microprocessor unit and ^ 

50 e * mass memory storage device, 

a central processing unit in said enclosure, said central 16 -p^ memo d of claim 14 further comprising providing 

processing unit comprising a microprocessor based a usef password to said security program. 

integrated circuit chip; 1? The method of ckim 14 farthcr a flash 

a hard disk drive in said enclosure, said hard disk drive ^ mem0 ry device for storing a desired password for said 

being coupled to said central processing unit; and ACM 

a programmable memory device in said enclosure, said 18. The method of claim 17 wherein said flash memory 

programmable memory device being configurable to device maintains said desired password when power is 

store a password for preventing a possibility of unau- removed from said ACM. 

thorized use of said hard disk drive. 45 19 melhod of claim 18 wher ein said flash memory 

2. The computer module ofclaiml further comprising a device fa kd tQ a host ^ m controller that is 
host mterface controller for providing a status of a locking coupkd tQ ^ microprocessor based unit 

device in said enclosure. 20. The method of claim 14 wherein said mass memory 

3. The computer module of claim 1 further comprising a , . . . • • . 
mechanical locking device that is coupled to said program- 50 ^ * °? , comparmg said 
mable memory device. user password with a desired password. 

4. The computer module of claim 1 further comprising a . 21. Hie ™thod of claim 14 further comprising identify- 
host interface controller coupled to a mechanical locking m S a Permanent password or user code on said attached 
device, said host interface controller being coupled to said computer module. 

programmable memory device. ~ 55 22. The method of claim 21 wherein said permanent 

5. The computer module of claim 1 wherein said pro- password or user code is stored in said microprocessor unit, 
grammable memory device comprises a flash memory 23. The method of claim 21 wherein said permanent 
device. password or user code is stored in a flash memory device 

6. The computer module of claim 1 wherein said pro- coupled to said microprocessor unit 
grammable memory device comprises a flash memory 

device having at least 8 Mbits of cells and greater. ♦ ♦ * ♦ ♦ 
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